Scope

The purpose of this document will be to discuss the steps on how to backup information pertaining to the Microsoft Identity Management Synchronization Manager products.

Microsoft Identity Integration Server 2003

Microsoft Identity Integration Feature Pack

Microsoft Identity Lifecycle Manager 2007 Feature Pack 1

Microsoft Forefront Identity Manager 2010

In this document we will refer to and focus on all of these products as
Synchronisation Service.

This document will not explain backing up the other Microsoft Identity Management components. Following components ewill not be covered here:

Microsoft Certificate Lifecycle Manager 2007 Feature Pack 1

Microsoft Forefront Identity Manager 2010 Service and Portal

Microsoft Forefront Identity Manager 2010 Certificate Management

Please review the bottom of this document for links containing information on backing up these products.

Scenarios

Developing and maintaining solutions built with any of the Microsoft Identity Manager Products will generate the need to back up your information.

Depending on what modifications are being applied, will depend on what items you should back up. You may not need to back up everything and thus the reason for the different scenarios. We will discuss what those areas are, and why you want to backup these
pieces of the solution.

Backup strategies

Daily and/or Weekly Backup Strategy

A good practice would be to develop some sort of daily and/or weekly backup strategy. It will assist in developing a good disaster recovery plan when executing updates or modifications to the current environment. A possible scenario may be to where the Identity
Management Solution runs without issue for months. Then a server crash happens. If the information is backed up, it will allow for less down time.

Before & after configuration changes

Backing up + Moving Backend Database

Backup – Backend SQL Server Database

Microsoft Identity Management products are a client/server application. The backend database is a Microsoft SQL Server database. Depending on the version of the Microsoft Identity Management product, the backend SQL Server could be Microsoft SQL Server 2000,
Microsoft SQL Server 2005 or a Microsoft SQL Server 2008 database. Microsoft SQL Server database files have the MDF extension. It is associated with the Logging database which is the LDF file. We will use the Microsoft SQL Server Backup utility to back up
the Microsoft SQL Server database.

A good practice for the back-end data is to do a nightly backup of the MicrosoftIdentityIntegrationServer (FIM2010: FIMSynchronizationService) database. This will allow for you to recover in case of a data disaster. You can find more information on database
maintenance
here. Our focus here is to navigate through the steps of backing up the SQL Server database.

Close the Identity Manager Console before beginning this process

Shut down the FIM Synchronization service

Important

This is very important, as if you have the Identity Manager Console up and running, or if you have scheduled jobs running when doing this step, you could run
into errors, and possibly corrupt data

Open Microsoft SQL Server Management Studio: (NOTE: We will use snapshots from SQL Server 2008 for the purpose of this document.)

Moving - backend database to a new or different SQL Server

A need may arise that will cause you to have to relocate the backend MicrosoftIdentityIntegrationServer (FIM2010: FIMSynchronizationService) database to a new Microsoft SQL Server. Scenarios would include:

Moving the database from a remote SQL Server to be a local SQL Server

Moving the database from a local SQL Server to remote SQL Server

Moving the database from a remote SQL Server to another remote SQL Server

Here we will cover the steps to accomplish this task and ensure that you have a backup of the database for disaster recovery purposes.

Close the Identity Manager Console before beginning this process

Shut down the Forefront Identity Manager synchronisation service

Important

This is very important, as if you have the Identity Manager Console up and running, or if you have scheduled jobs running when doing this step, you could run into errors, and possibly corrupt data

Open Microsoft SQL Server Management Studio: (NOTE: We will use snapshots from SQL Server 2008 for the purpose of this document.)

Open Microsoft SQL Server Management Studio: (NOTE: We will use snapshots from SQL Server 2008 for the purpose of this document.)

Microsoft SQL Server 2000: Enterprise Manager

Microsoft SQL Server 2005: SQL Server Management Studio

Microsoft SQL Server 2008: SQL Server Management Studio

Connect to the Microsoft SQL Server that will host the MicrosoftIdentityIntegrationServer (FIM2010: FIMSynchronizationService) database.

Right click on databases and select Attach

Click the Add button

Point to the location where the MDF and LDF files are located

Click the Ok button

Click the Ok button and the database should be re-attached

If you changed to a new SQL Server version (upgrade), you will need to execute an uninstall and reinstall of the Microsoft Identity Management product that you are utilizing here.

Caution

Make sure to reinstate the Service Broker Enabled setting on the FIM Synchronisation server data base, because moving a DB to another, resets the settting to false

Open SQL management studio.

Open the FIM Sync DB properties

Check the database 'options'

Service Broker > Broker Enabled

Source Code, Extension DLLs & data backup

Source code

If you have created any type of Metaverse or Management Agent extensions, you will have source code. It is very important to back up source code and compiled extension DLLs before making any code changes to the current source code. This will allow you to
have a backup copy of the previous code should a problem occur when the new code is put in place. Be sure to document your back up location, or utilize a location that your company specifies for source code backups. This information, will allow you to obtain
the source code very quickly should you need to revert to an old copy of the source code. A prime example will be if you were to have a consultant come in and develop a Metaverse or Management Agent Extension, you will want to back up this source code and
ensure that you know where it is when you need it.

To backup source code, is nothing more than doing a file copy of the source code folder and its contents to your backup location. You could automate something like this with a batch file or Windows Scripting Host file.

Extension DLLs & Data

If you have created any type of Metaverse or Management Agent extensions, you will have DLLs located in the %programfiles%\Microsoft Identity Integration Server\Extensions folder (FIM2010: %ProgramFiles%\Microsoft Forefront Identity Manager\2010\Synchronization
Service\Extensions). Ensuring that these DLLs are backed up prior to any code modifications, upgrades, or hot fix installations will help provide a way to revert to the previous builds should you encounter a problem with the new DLLs.

Like backing up the source code, this is nothing more than a file copy of the Extensions folder to your provided backup location. Here is a list of folders that would be recommended to back up as well.

SourceCode: by default, GALSYNC and LOGGING source code is installed into this folder. You may have custom source code in this folder as well. If you have custom GALSYNC and/or EXTENSION source code in another location, navigate to
that location and backup this information.

MaData: folder contains specific information for each of the Management Agents that you have created. It does not house Management Agent configurations by default.

Data: by default, this is the location of the SQL Server MDF and LDF files. If you have followed the steps in “Backup
the backend SQL Server Database” then you do not need to worry about these files. There may be other files in this folder as well, and you will want to back up this information as well.

Management Agent Backup

Open the Synchronization Manager console

Open the Management Agents window

Right Click the Management agent of choice

Click Export Management Agent

Save the XML file

Metaverse Backup

Open the Synchronization Manager console

Open the Metaverse window

Right Click white space of choice

Click Export Metaverse

Save the XML file

Sync Server configuration backup

This section is designed to assist you in backing up your server configurations. The server configurations consist of backing up all management agent configurations and Metaverse configurations. Doing this step, exports all management agent configurations
as XML files to a specific location. The process does not allow you to overwrite files, so you will need to have a new location for each back up.

Open the Synchronization Manager Console

From the File menu select Export Server Configuration.

Select the folder to save the data

Note

You can only export to an empty folder. Make a new folder if needed.

Click OK.

Encryption key backup

This section is designed to assist you in backing up the encryption key.

Click the Start button then All Programs then navigate to the Synchronisation engine menu item.